Blockchain Trust Framework – Securing Blockchain Solutions

Blockchain is a disruptive technology revolutionizing the way the enterprises do business today. The forecast on Blockchain spending in 2019 is $2.9 bn, an increase of 88.7% from $1.5 bn in 2018. It is forecasted to touch $15.9 bn in 2023.

So, blockchain is surely taking a center stage in efﬁciency improvement, enhancing trust and creating collaboration among peers in an unprecedented manner. Additionally, developing and sharing blockchain framework capabilities as open source components is aiding faster adoption of blockchain technology across the business world. Though Blockchain enhances security of data stored in the ledger yet it is also susceptible to security issues that could impact any of the components in the blockchain framework – the application components, protocols, endpoint components on the network.

The vulnerabilities in these blockchain’s building components could impact the security of solutions thereby affecting the security of the enterprise. Some of the vulnerabilities associated with blockchain frameworks are –

Endpoint vulnerabilities

Public and Private key management

Vendor risks with incorporation of 3rd party components into blockchain solutions

Scalability

Lack of standards and regulations

Limited security checks done on new code components often overlooking security gaps that may exist in them

It is essential that enough focus and effort is spend on addressing these vulnerabilities. Unlike a software application, a security issue on a blockchain network requires more effort for resolution and it may include resetting the ledger to address the security issue. This could have immense effect on the business process that leverage blockchain technology for efficiency achievement and enabling trust among peers or partners.

Given the nature of Blockchain solutions, the security of a blockchain solution can be enhanced by securing the building blocks in a blockchain framework – also known as trustware components. The trustware components comprises of software components, hardware components and protocols. This would help organization to focus on designing and implementing security into the solution without worrying about the building components or trustware components. Each blockchain framework will require specific measures to secure its trustware as its building components are different for each framework.

As an illustration, let’s take the Wipro Blockchain Trust Framework that addresses the security needs of blockchain applications. The Trust framework is depicted below –

Benefits of using a Blockchain Trust Framework

Higher compliance to security for blockchain applications covering open source components as well.

Security for an application is enhanced by securing the building blocks used to build the application, designing – implementing security measures into it and managing the security of the application as part of its maintenance activity. Ensuring security of an application is an ongoing activity that always requires due diligence from the owners of the application. Trust framework covers the entire lifecycle of Blockchain solution, and this will help customers at every stage of Blockchain adoption in their enterprise application management. The trust framework adoption by customers will enable them to avail latest security patches and guidelines that they could leverage for managing their application security. All this will help to build confidence in customers to deploy secure Blockchain applications in production.

About the Authors

Vinod is a DMTS member and has over 20 years of experience in software development and product architecture. Vinod currently leads the Blockchain security initiatives for the Cybersecurity practice at Wipro. He is an expert in Decentralized Identity, Blockchain Security and building open-source solutions. Vinod has extensive expertise in open-source and community led tools development, open-source licensing and re-engineering of products.

Sumod Rajan George PMP

Sr. Project Manager, Cyber Risk and Security services

Sumod has over 18 years of experience in software development and has managed various projects and programs for business domains, such as retail, finance, healthcare and transportation. He is currently part of the Blockchain security team with CRS, which develops solutions around Decentralized Identity Management using Blockchain technology and focuses on Trustware Security.